package org.huzhp.security.wx;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;

import java.util.Collection;

/**
 * @Description 微信登录 AuthenticationToken，模仿 UsernamePasswordAuthenticationToken 实现
 * @Author huzp
 * @Data 2019/3/28
 * @Version 1.0
 */
public class WxAuthenticationToken extends AbstractAuthenticationToken {

    /**
     * 回调状态值，用于判断是否用做绑定操作
     */
    private String state;
    /**
     * 在 AuthenticationToken 中该字段代表登录的用户名，
     * 在这里就代表登录的手机号码
     */
    private final Object principal;

    /**
     * 构建一个没有鉴权的 AuthenticationToken
     */
    public WxAuthenticationToken(Object principal, String state) {
        super(null);
        this.principal = principal;
        this.state = state;
        setAuthenticated(false);
    }

    /**
     * 构建拥有鉴权的 AuthenticationToken
     */
    public WxAuthenticationToken(Object principal, String state, Collection<? extends GrantedAuthority> authorities) {
        super(authorities);
        this.principal = principal;
        this.state = state;
        // must use super, as we override
        super.setAuthenticated(true);
    }

    @Override
    public Object getCredentials() {
        return null;
    }

    @Override
    public Object getPrincipal() {
        return principal;
    }

    @Override
    public void eraseCredentials() {
        super.eraseCredentials();
    }

    public void setState(String state) {
        this.state = state;
    }

    public String getState() {
        return state;
    }

}
